10/719,303 

Response to OA mailed 17 April 2008 
II. CLAIM AMENDMENTS 

1. (Currently Amended) A method for establishing and managing a trust model 
between an identification module and a radio terminal, said method comprising: 

authenticating a radio terminal by said identification module, said authenticating 
being carried out by radio terminal authentication m ean s arrangements that are 
provided either to said identification module by a mobile radio-telephony network 
at the time of an initialization or at the time of an updating, or to said radio 
terminal by the identification module; and 

controlling by said identification module at least one specific characteristic of the 
radio terminal, said specific characteristic being previously transmitted by radio- 
telephony to said identification module from a secured server of said mobile 
radio-telephony network. 

2. (Currently Amended) The method according to claim 1, wherein said radio terminal 
authentication means arrangements present in the identification module are provided 
with a validity period that is limited by a determined expiration date, said authentication 
means being comprised of at least one authentication key. 

3. (Previously Presented) The method according to claim 1, wherein said identification 
module comprises at least one of an SIM type chip card, an USIM card for third- 
generation networks, or an equivalent card comprising in a memory the representative 
subscription data. 
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4. (Currently Amended) The method according to claim 1, wherein the identification 
module maintains a trust relationship with the radio terminal by generating 
authentication moons arrangements and then by providing these authentication moons 
arrangements to the radio terminal by secured exchange mechanisms based on 
authentication means initially available from the radio terminal. 

5. (Previously Presented) The method according to claim 1, comprising at the time of 
said initialization or updating generating, carried out at least by said identification 
module, a trust key, said trust key being used by said module for encrypting at least 
data exchanged between the identification module and the radio terminal. 

6. (Previously Presented) The method according to claim 2, wherein said initialization 
of said authentication means is done on the initiative of the radio-telephony network, 
after denial of the key initiated by at least one of said module, the mobile radio- 
telephony network, or the radio terminal, following an expiration of the validity period 
of the key or at the time of initialization of the identification module. 

7. (Previously Presented) The method according to claim 1, wherein said authenticating 
comprises: 

utilization in the radio terminal of at least one first authentication key memorized in 
the radio terminal by at least on first authentication algorithm memorized in the 
radio terminal, said first key having a validity period limited by a predefined 
expiration date; 

utilization by the identification module of at least one second key memorized in the 
identification module by at least one second authentication algorithm memorized 
in the identification module, said second key being identical or complementary to 
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the first key and associated with the radio terminal, said second key having a 
validity period limited by said predefined expiration date; and 

comparing in the identification module the results obtained by said first and second 
authentication algorithms. 

8. (Previously Presented) The method according to claim 2, wherein said authenticating 
comprises the utilization of said predefined expiration date. 

9. (Previously Presented) The method according to claim 7, wherein said initialization is 
initiated by a mobile radio-telephony network and also comprises: 

generation by the identification module of at least one of said first and second keys; 

storage in the identification module of said second key; and 

transmission to the radio terminal by the identification module of said first key, said 
first key being encrypted by use of the trust key. 

10. (Previously Presented) The method according to of claim 7, wherein said 
comparing is done between a response produced by said first authentication algorithm, 
stored in memory in the radio terminal and transmitted to said identification module 
and a response result, stored in memory in the identification module, produced by said 
second authentication algorithm. 

11. (Original) The method according to claim 7, wherein said first key is an 
asymmetrical private key Ks and said second key being a public key Kp complementary 
to the first key. 
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12. (Original) The method according to claim 7, wherein said first key is symmetrical, 
said second key is stored in memory in the identification module being identical to the 
first key, these keys forming a single symmetrical authentication key. 

13. (Previously Presented) The method according to claim 7, further comprising 
updating of said first and second keys, initiated by the identification module prior to 
said predefined expiration date, said updating including: 

authentication between the radio terminal and the identification module using said 
first and second keys; 

generation by an updating algorithm of the identification module of at least one 
updated key taking into account information for replacing at least one of said 
first and second keys; 

memorization in the identification module of the updated key for replacing said 
second key; and 

transmission to the radio terminal by the identification module of the updated key 
analogue of said first key. 

14. (Previously Presented) The method according to claim 13, wherein said updating 
further comprises the control of at least one of one identifier of the radio terminal or of 
the identification module. 

15. (Previously Presented) The method according to claim 13, wherein an encryption of 
the key is carried out for said transmission to the radio terminal of the updated key 
analogue of the first key, said key encryption being done by said trust key. 
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16. (Currently Amended) The method according to claim 13, wherein the updating also 
comprises: 

generation by the identification module of a new trust key after said authentication 
between radio terminal and module; 

memorization in the identification module of the new trust key; and 

transmission to the radio terminal by the identification module of the newly 
generated trust key. 

17. (Previously Presented) The method according to claim 13, wherein said updating is 
completed by a verification test comprising a return transmission on the part of the 
radio terminal of at least one datum representative of effective receipt of data 
transmitted by the identification module during the updating. 

18. (Previously Presented) The method according to claim 5, wherein said trust key is a 
symmetrical encryption/decryption key analogous to said symmetrical authentication 
key. 

19. (Original) The method according to claim 5, wherein said trust key is an erasable 
session key. 

20. (Previously Presented) The method according to claim 7, wherein a revocation is 
carried out on the initiative of the identification module, of the radio terminal, or of the 
corresponding radio-telephony network, said revocation comprising the erasure in a 
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memory of said identification module of at least said first key associated with the radio 
terminal. 

21. (Previously Presented) An identification module in a radio terminal comprising a 
device for memorizing at least one authentication algorithm, a calculation device for 
executing at least applying an authentication key to said authentication algorithm as 
well as at least one authentication algorithm memorized in the identification module, a 
communication device, a device for initiating a revocation and a revocation device for 
revoking said authentication key, a device for memorizing a specific characteristic of the 
radio terminal and a device for actuating an updating algorithm for updating said 
authentication key, the communication device being capable of providing at least one 
authentication key to the radio terminal and receiving data send from a secured server 
of a mobile radio-telephony network. 

22. (Previously Presented) The method according to claim 5, wherein said trust key is a 
symmetrical encryption/decryption key identical to said symmetrical authentication key. 
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